package org.online.servlet;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.online.conmon.Const;
import org.online.entity.User;



/**
 * 用户登录
 * 
 * @author Administrator
 *
 */
@WebServlet("/login.do")
public class LoginServlet extends HttpServlet {

	private static final long serialVersionUID = 1L;

	@Override
	protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
		// 获取表单数据
		String name = req.getParameter("username");
		String pass = req.getParameter("password");
		
		// 验证数据的合法性（服务器验证） -- 略（正则）
		
		// 实例化实体对象，封装用户输入的数据  -- DAO
		User user  = new User(name,pass) ;

		// 判断是否合法帐号 - DAO
		String path = "login-error.html";

		if (name != null && !"".equals(name) && pass != null && !"".equals(pass)) {
			// 把登录帐号设置在HttpSession对象中 - 实现会话跟踪 - 常规动作
			// 1.获取HttpSession的实例
			HttpSession session = req.getSession();
			
			// 2.把当前登录的帐号（整个用户实体对象）
			session.setAttribute(Const.LOGIN_USER, user);

			// 3.设置登录成功要跳转的后台页面
			path = "index.html";
		}

		resp.sendRedirect(path);
	}

}
